Apparently hackers managed to gain access to eBay’s systems via a ‘small number’ of employee credentials. The data was hacked sometime between late February and early March, and the data stolen included “customers’ name, encrypted password, email address, physical address, phone number and date of birth.” According to the eBay blog post, no financial data was compromised, and there is no evidence that any PayPal data was accessed. PayPal runs on a separate network and all PayPal financial information is encrypted.

The eBay passwords that were compromised were encrypted, meaning that the hackers still have to find a way to crack the encryption before they can make use of the passwords. I have little doubt that the hackers are hard at work trying to crack the encryption, so I strongly advise you to immediately change your eBay and PayPal passwords. Also, if you use the same password for sites other than eBay, you should change the password for those sites too -preferably to something unique.

Finally, because the hackers got access to eBay user’s email addresses, it is very likely that there will be an increase in spoof or fake phishing emails asking you to click on a link. Be on the look out for such emails, and be extra cautious before you click on any links in any email you receive, unless you are ABSOLUTELY SURE of it’s origins. GICI support customers can always call us to check if an email is trustworthy or not – our friendly staff are always happy to help.